java -ea -Xmx8000000000 -Xss4m -jar ./plugins/org.eclipse.equinox.launcher_1.3.100.v20150511-1540.jar -data @noDefault -ultimatedata ./data -tc ../../../trunk/examples/toolchains/AbstractInterpretationInline.xml -s ../../../trunk/examples/settings/ai/array-bench/reach_32bit_array_oct.epf -i ../../../trunk/examples/programs/toy/tooDifficultLoopInvariant/PointerIncrement.bpl -------------------------------------------------------------------------------- This is Ultimate 0.1.24-1377b90 [2019-01-07 16:12:15,068 INFO L170 SettingsManager]: Resetting all preferences to default values... [2019-01-07 16:12:15,070 INFO L174 SettingsManager]: Resetting UltimateCore preferences to default values [2019-01-07 16:12:15,082 INFO L177 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2019-01-07 16:12:15,083 INFO L174 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2019-01-07 16:12:15,084 INFO L174 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2019-01-07 16:12:15,085 INFO L174 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2019-01-07 16:12:15,087 INFO L174 SettingsManager]: Resetting LassoRanker preferences to default values [2019-01-07 16:12:15,088 INFO L174 SettingsManager]: Resetting Reaching Definitions preferences to default values [2019-01-07 16:12:15,089 INFO L174 SettingsManager]: Resetting SyntaxChecker preferences to default values [2019-01-07 16:12:15,090 INFO L177 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2019-01-07 16:12:15,090 INFO L174 SettingsManager]: Resetting LTL2Aut preferences to default values [2019-01-07 16:12:15,091 INFO L174 SettingsManager]: Resetting PEA to Boogie preferences to default values [2019-01-07 16:12:15,092 INFO L174 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2019-01-07 16:12:15,093 INFO L174 SettingsManager]: Resetting ChcToBoogie preferences to default values [2019-01-07 16:12:15,094 INFO L174 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2019-01-07 16:12:15,095 INFO L174 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2019-01-07 16:12:15,097 INFO L174 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2019-01-07 16:12:15,099 INFO L174 SettingsManager]: Resetting CodeCheck preferences to default values [2019-01-07 16:12:15,100 INFO L174 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2019-01-07 16:12:15,101 INFO L174 SettingsManager]: Resetting RCFGBuilder preferences to default values [2019-01-07 16:12:15,102 INFO L174 SettingsManager]: Resetting TraceAbstraction preferences to default values [2019-01-07 16:12:15,105 INFO L177 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2019-01-07 16:12:15,105 INFO L177 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2019-01-07 16:12:15,105 INFO L174 SettingsManager]: Resetting TreeAutomizer preferences to default values [2019-01-07 16:12:15,106 INFO L174 SettingsManager]: Resetting IcfgTransformer preferences to default values [2019-01-07 16:12:15,107 INFO L174 SettingsManager]: Resetting Boogie Printer preferences to default values [2019-01-07 16:12:15,108 INFO L174 SettingsManager]: Resetting ReqPrinter preferences to default values [2019-01-07 16:12:15,109 INFO L174 SettingsManager]: Resetting Witness Printer preferences to default values [2019-01-07 16:12:15,110 INFO L177 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2019-01-07 16:12:15,110 INFO L174 SettingsManager]: Resetting CDTParser preferences to default values [2019-01-07 16:12:15,111 INFO L177 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2019-01-07 16:12:15,111 INFO L177 SettingsManager]: ReqParser provides no preferences, ignoring... [2019-01-07 16:12:15,111 INFO L174 SettingsManager]: Resetting SmtParser preferences to default values [2019-01-07 16:12:15,112 INFO L174 SettingsManager]: Resetting Witness Parser preferences to default values [2019-01-07 16:12:15,113 INFO L181 SettingsManager]: Finished resetting all preferences to default values... [2019-01-07 16:12:15,113 INFO L98 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/settings/ai/array-bench/reach_32bit_array_oct.epf [2019-01-07 16:12:15,126 INFO L110 SettingsManager]: Loading preferences was successful [2019-01-07 16:12:15,126 INFO L112 SettingsManager]: Preferences different from defaults after loading the file: [2019-01-07 16:12:15,127 INFO L131 SettingsManager]: Preferences of Boogie Preprocessor differ from their defaults: [2019-01-07 16:12:15,127 INFO L133 SettingsManager]: * Show backtranslation warnings=false [2019-01-07 16:12:15,128 INFO L131 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2019-01-07 16:12:15,128 INFO L133 SettingsManager]: * User list type=DISABLED [2019-01-07 16:12:15,128 INFO L133 SettingsManager]: * Inline calls to unimplemented procedures=true [2019-01-07 16:12:15,128 INFO L131 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2019-01-07 16:12:15,128 INFO L133 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2019-01-07 16:12:15,129 INFO L133 SettingsManager]: * Underlying domain=OctagonDomain [2019-01-07 16:12:15,129 INFO L133 SettingsManager]: * Abstract domain=ArrayDomain [2019-01-07 16:12:15,129 INFO L133 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2019-01-07 16:12:15,129 INFO L133 SettingsManager]: * Interval Domain=false [2019-01-07 16:12:15,130 INFO L131 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2019-01-07 16:12:15,130 INFO L133 SettingsManager]: * Create parallel compositions if possible=false [2019-01-07 16:12:15,130 INFO L133 SettingsManager]: * Use SBE=true [2019-01-07 16:12:15,130 INFO L131 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2019-01-07 16:12:15,130 INFO L133 SettingsManager]: * sizeof long=4 [2019-01-07 16:12:15,131 INFO L133 SettingsManager]: * Overapproximate operations on floating types=true [2019-01-07 16:12:15,131 INFO L133 SettingsManager]: * sizeof POINTER=4 [2019-01-07 16:12:15,131 INFO L133 SettingsManager]: * Check division by zero=IGNORE [2019-01-07 16:12:15,131 INFO L133 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2019-01-07 16:12:15,131 INFO L133 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2019-01-07 16:12:15,132 INFO L133 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2019-01-07 16:12:15,132 INFO L133 SettingsManager]: * sizeof long double=12 [2019-01-07 16:12:15,132 INFO L133 SettingsManager]: * Check if freed pointer was valid=false [2019-01-07 16:12:15,132 INFO L133 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2019-01-07 16:12:15,132 INFO L131 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2019-01-07 16:12:15,133 INFO L133 SettingsManager]: * Size of a code block=SequenceOfStatements [2019-01-07 16:12:15,133 INFO L133 SettingsManager]: * SMT solver=External_DefaultMode [2019-01-07 16:12:15,133 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-01-07 16:12:15,133 INFO L131 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2019-01-07 16:12:15,133 INFO L133 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2019-01-07 16:12:15,134 INFO L133 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2019-01-07 16:12:15,134 INFO L133 SettingsManager]: * Trace refinement strategy=TAIPAN [2019-01-07 16:12:15,134 INFO L133 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2019-01-07 16:12:15,134 INFO L133 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2019-01-07 16:12:15,134 INFO L133 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2019-01-07 16:12:15,135 INFO L133 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2019-01-07 16:12:15,184 INFO L81 nceAwareModelManager]: Repository-Root is: /tmp [2019-01-07 16:12:15,201 INFO L258 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2019-01-07 16:12:15,208 INFO L214 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2019-01-07 16:12:15,210 INFO L271 PluginConnector]: Initializing Boogie PL CUP Parser... [2019-01-07 16:12:15,211 INFO L276 PluginConnector]: Boogie PL CUP Parser initialized [2019-01-07 16:12:15,212 INFO L418 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/toy/tooDifficultLoopInvariant/PointerIncrement.bpl [2019-01-07 16:12:15,212 INFO L111 BoogieParser]: Parsing: '/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../../../trunk/examples/programs/toy/tooDifficultLoopInvariant/PointerIncrement.bpl' [2019-01-07 16:12:15,280 INFO L296 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2019-01-07 16:12:15,282 INFO L131 ToolchainWalker]: Walking toolchain with 4 elements. [2019-01-07 16:12:15,283 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2019-01-07 16:12:15,283 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2019-01-07 16:12:15,283 INFO L276 PluginConnector]: Boogie Procedure Inliner initialized [2019-01-07 16:12:15,301 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... [2019-01-07 16:12:15,317 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... [2019-01-07 16:12:15,347 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2019-01-07 16:12:15,348 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2019-01-07 16:12:15,348 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2019-01-07 16:12:15,348 INFO L276 PluginConnector]: Boogie Preprocessor initialized [2019-01-07 16:12:15,361 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... [2019-01-07 16:12:15,362 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... [2019-01-07 16:12:15,364 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... [2019-01-07 16:12:15,364 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... [2019-01-07 16:12:15,375 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... [2019-01-07 16:12:15,381 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... [2019-01-07 16:12:15,383 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... [2019-01-07 16:12:15,385 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2019-01-07 16:12:15,386 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2019-01-07 16:12:15,386 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2019-01-07 16:12:15,386 INFO L276 PluginConnector]: RCFGBuilder initialized [2019-01-07 16:12:15,387 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.boogie.parser AST 07.01 04:12:15" (1/1) ... No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 Starting monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) Waiting until toolchain timeout for monitored process 1 with z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2019-01-07 16:12:15,467 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2019-01-07 16:12:15,467 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2019-01-07 16:12:16,007 INFO L281 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2019-01-07 16:12:16,007 INFO L286 CfgBuilder]: Removed 9 assue(true) statements. [2019-01-07 16:12:16,010 INFO L202 PluginConnector]: Adding new model PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 07.01 04:12:16 BoogieIcfgContainer [2019-01-07 16:12:16,010 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2019-01-07 16:12:16,011 INFO L113 PluginConnector]: ------------------------Abstract Interpretation---------------------------- [2019-01-07 16:12:16,011 INFO L271 PluginConnector]: Initializing Abstract Interpretation... [2019-01-07 16:12:16,011 INFO L276 PluginConnector]: Abstract Interpretation initialized [2019-01-07 16:12:16,014 INFO L185 PluginConnector]: Executing the observer AbstractInterpretationRcfgObserver from plugin Abstract Interpretation for "PointerIncrement.bpl de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 07.01 04:12:16" (1/1) ... [2019-01-07 16:12:16,074 INFO L101 FixpointEngine]: Starting fixpoint engine with domain ArrayDomain (maxUnwinding=3, maxParallelStates=2) [2019-01-07 16:12:16,339 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-07 16:12:16,339 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-07 16:12:16,340 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-07 16:12:16,341 WARN L223 ngHoareTripleChecker]: -- [2019-01-07 16:12:16,342 WARN L224 ngHoareTripleChecker]: Pre: {2147483647#(forall ((v_idx_7 Int) (v_idx_8 Int) (v_idx_9 Int) (v_idx_3 Int) (v_idx_10 Int) (v_idx_4 Int) (v_idx_5 Int) (v_idx_6 Int) (v_idx_1 Int) (v_idx_2 Int)) (exists ((v_v_8_1 Int) (v_v_3_1 Bool) (v_v_9_1 Int) (v_v_2_1 Bool) (v_v_4_1 Bool) (v_v_7_1 (Array Int Int)) (v_v_0_1 Int) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_v_6_1 Int)) (and (= v_v_5_1 (select |c_#memory_int| v_idx_5)) (= v_v_7_1 (select |c_old(#memory_int)| v_idx_6)) (= (select |c_old(#length)| v_idx_8) v_v_1_1) (= (select v_v_7_1 v_idx_9) v_v_8_1) (= (select |c_ULTIMATE.start_~malloc_old_#length| v_idx_10) v_v_9_1) (= v_v_2_1 (select |c_ULTIMATE.start_~malloc_old_#valid| v_idx_1)) (= (select |c_#valid| v_idx_3) v_v_3_1) (= (select |c_old(#valid)| v_idx_4) v_v_4_1) (= v_v_6_1 (select v_v_5_1 v_idx_2)) (= v_v_0_1 (select |c_#length| v_idx_7)))))} [2019-01-07 16:12:16,345 WARN L228 ngHoareTripleChecker]: Action: #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := false]; [2019-01-07 16:12:16,346 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= |c_#NULL.offset_primed| 0) (= |c_#NULL.base_primed| 0) (= |c_#valid_primed| (store |c_#valid| 0 false))) [2019-01-07 16:12:16,347 WARN L230 ngHoareTripleChecker]: Post: {2147483646#(forall ((v_idx_14 Int) (v_idx_15 Int) (v_idx_12 Int) (v_idx_13 Int) (v_idx_21 Int) (v_idx_22 Int) (v_idx_11 Int) (v_idx_20 Int) (v_idx_18 Int) (v_idx_19 Int) (v_idx_16 Int) (v_idx_17 Int)) (exists ((v_v_2_1 Bool) (v_v_4_1 Bool) (v_v_8_1 Int) (v_v_9_1 Int) (v_v_7_1 (Array Int Int)) (v_v_12_1 Bool) (v_v_0_1 Int) (v_v_11_1 Bool) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_b_0_1 Int) (v_v_10_1 Bool) (v_v_6_1 Int) (v_b_1_1 Int)) (and (<= (- (- |c_#NULL.offset|) |c_#NULL.offset|) 0) (<= (- (- |c_#NULL.base|) (- v_b_1_1)) 1) (<= (- |c_#NULL.offset| (- v_b_1_1)) 1) (= 0 (+ v_b_1_1 (- 1))) (= (+ v_b_0_1 1) (+ (- |c_#NULL.base|) 1)) (<= (- |c_#NULL.base| (- v_b_1_1)) 1) (<= (- (- |c_#NULL.offset|) (- v_b_1_1)) 1) (= (select |c_old(#valid)| v_idx_13) v_v_4_1) (<= (- (- |c_#NULL.base|) v_b_0_1) 0) (<= (- (- |c_#NULL.base|) v_b_1_1) (- 1)) (= (+ (- v_b_1_1) 1) 0) (<= (- |c_#NULL.base| v_b_0_1) 0) (= v_b_1_1 (+ (- |c_#NULL.base|) 1)) (= v_v_5_1 (select |c_#memory_int| v_idx_17)) (<= (- (- v_b_0_1) (- v_b_1_1)) 1) (<= (- (- v_b_1_1) v_b_1_1) (- 2)) (= (select |c_old(#memory_int)| v_idx_18) v_v_7_1) (= (+ (- |c_#NULL.base|) 1) (+ (- v_b_0_1) 1)) (<= (- v_b_0_1 v_b_1_1) (- 1)) (= v_v_8_1 (select v_v_7_1 v_idx_21)) (<= (- |c_#NULL.base| (- |c_#NULL.base|)) 0) (= (select |c_old(#length)| v_idx_20) v_v_1_1) (<= (- v_b_0_1 (- v_b_0_1)) 0) (or (= (select |c_#valid| v_idx_16) v_v_12_1) (< v_idx_16 v_b_1_1)) (<= (- (- v_b_0_1) v_b_0_1) 0) (<= (- |c_#NULL.base| (- |c_#NULL.offset|)) 0) (not v_v_11_1) (= (- |c_#NULL.base|) 0) (= 1 (+ (- |c_#NULL.base|) 1)) (or (= v_v_10_1 (select |c_#valid| v_idx_14)) (<= v_b_0_1 v_idx_14)) (<= (- (- |c_#NULL.base|) |c_#NULL.offset|) 0) (<= (- (- |c_#NULL.base|) (- v_b_0_1)) 0) (= (- |c_#NULL.offset|) 0) (or (< v_idx_15 v_b_0_1) (= (select |c_#valid| v_idx_15) v_v_11_1) (<= v_b_1_1 v_idx_15)) (= 0 |c_#NULL.base|) (= (+ (- |c_#NULL.base|) 1) (+ |c_#NULL.offset| 1)) (<= (- |c_#NULL.base| v_b_1_1) (- 1)) (<= (- (- |c_#NULL.base|) |c_#NULL.base|) 0) (<= (- v_b_0_1 (- v_b_1_1)) 1) (<= (- (- v_b_0_1) v_b_1_1) (- 1)) (= 0 v_b_0_1) (= v_v_6_1 (select v_v_5_1 v_idx_12)) (<= (- (- |c_#NULL.offset|) v_b_1_1) (- 1)) (<= (- |c_#NULL.base| |c_#NULL.offset|) 0) (<= (- |c_#NULL.offset| v_b_1_1) (- 1)) (<= (- v_b_1_1 (- v_b_1_1)) 2) (<= (- |c_#NULL.offset| (- v_b_0_1)) 0) (<= (- |c_#NULL.offset| (- |c_#NULL.offset|)) 0) (= v_v_9_1 (select |c_ULTIMATE.start_~malloc_old_#length| v_idx_22)) (= (select |c_ULTIMATE.start_~malloc_old_#valid| v_idx_11) v_v_2_1) (<= (- (- |c_#NULL.offset|) (- v_b_0_1)) 0) (<= (- |c_#NULL.base| (- v_b_0_1)) 0) (= v_v_0_1 (select |c_#length| v_idx_19)) (<= (- (- |c_#NULL.offset|) v_b_0_1) 0) (<= (- (- |c_#NULL.base|) (- |c_#NULL.offset|)) 0) (<= (- |c_#NULL.offset| v_b_0_1) 0) (= |c_#NULL.offset| 0) (= (+ |c_#NULL.base| 1) (+ (- |c_#NULL.base|) 1)) (= (+ (- |c_#NULL.base|) 1) (+ (- |c_#NULL.offset|) 1)))))} [2019-01-07 16:12:16,348 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-07 16:12:16,349 WARN L268 ngHoareTripleChecker]: -- [2019-01-07 16:12:16,349 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-07 16:12:16,434 WARN L270 ngHoareTripleChecker]: Pre: {2147483647#true} [2019-01-07 16:12:16,434 WARN L274 ngHoareTripleChecker]: Action: #NULL.base, #NULL.offset := 0, 0;#valid := #valid[0 := false]; [2019-01-07 16:12:16,435 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (= |c_#NULL.offset_primed| 0) (= |c_#NULL.base_primed| 0) (= |c_#valid_primed| (store |c_#valid| 0 false))) [2019-01-07 16:12:17,273 WARN L276 ngHoareTripleChecker]: Post: {2147483646#(and (<= (- (- |#NULL.offset|) |#NULL.offset|) 0) (= 0 |#NULL.base|) (= (+ (- |#NULL.base|) 1) (+ |#NULL.offset| 1)) (<= (- (- |#NULL.base|) |#NULL.base|) 0) (forall ((v_idx_15 Int)) (or (< v_idx_15 0) (not (select |#valid| v_idx_15)) (<= 1 (+ v_idx_15 |#NULL.base|)))) (<= 0 |#NULL.base|) (<= 0 |#NULL.offset|) (<= (- |#NULL.base| |#NULL.offset|) 0) (<= (* 2 |#NULL.base|) 0) (<= |#NULL.base| |#NULL.offset|) (<= (- |#NULL.offset| (- |#NULL.offset|)) 0) (<= (+ |#NULL.offset| |#NULL.base|) 0) (= |#NULL.base| 0) (<= |#NULL.base| 0) (<= (- |#NULL.base| (- |#NULL.base|)) 0) (<= |#NULL.offset| 0) (<= (- |#NULL.base| (- |#NULL.offset|)) 0) (<= 0 (+ |#NULL.offset| |#NULL.base|)) (= (- |#NULL.base|) 0) (<= (- (- |#NULL.base|) (- |#NULL.offset|)) 0) (= 1 (+ (- |#NULL.base|) 1)) (= |#NULL.offset| 0) (= (+ |#NULL.base| 1) (+ (- |#NULL.base|) 1)) (<= |#NULL.offset| |#NULL.base|) (<= 0 (* 2 |#NULL.base|)) (= (+ (- |#NULL.base|) 1) (+ (- |#NULL.offset|) 1)) (<= (- (- |#NULL.base|) |#NULL.offset|) 0) (= (- |#NULL.offset|) 0))} [2019-01-07 16:12:17,968 WARN L212 ngHoareTripleChecker]: Soundness check inconclusive for the following hoare triple [2019-01-07 16:12:17,968 WARN L217 ngHoareTripleChecker]: Expected: VALID Actual: UNKNOWN [2019-01-07 16:12:17,969 WARN L219 ngHoareTripleChecker]: Solver was "Z3" in version "4.8.3" [2019-01-07 16:12:17,969 WARN L223 ngHoareTripleChecker]: -- [2019-01-07 16:12:17,970 WARN L224 ngHoareTripleChecker]: Pre: {2147483645#(forall ((v_idx_25 Int) (v_idx_26 Int) (v_idx_23 Int) (v_idx_34 Int) (v_idx_24 Int) (v_idx_32 Int) (v_idx_33 Int) (v_idx_30 Int) (v_idx_31 Int) (v_idx_29 Int) (v_idx_27 Int) (v_idx_28 Int)) (exists ((v_v_2_1 Bool) (v_v_4_1 Bool) (v_v_8_1 Int) (v_v_9_1 Int) (v_v_7_1 (Array Int Int)) (v_v_12_1 Bool) (v_v_0_1 Int) (v_v_11_1 Bool) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_b_0_1 Int) (v_v_10_1 Bool) (v_v_6_1 Int) (v_b_1_1 Int)) (and (<= (- (- |c_#NULL.offset|) |c_#NULL.offset|) 0) (<= (- (- |c_#NULL.base|) (- v_b_1_1)) 1) (<= (- |c_#NULL.offset| (- v_b_1_1)) 1) (= 0 (+ v_b_1_1 (- 1))) (= (+ v_b_0_1 1) (+ (- |c_#NULL.base|) 1)) (<= (- |c_#NULL.base| (- v_b_1_1)) 1) (= (select |c_old(#memory_int)| v_idx_30) v_v_7_1) (<= (- (- |c_#NULL.offset|) (- v_b_1_1)) 1) (<= (- (- |c_#NULL.base|) v_b_0_1) 0) (<= (- (- |c_#NULL.base|) v_b_1_1) (- 1)) (= (+ (- v_b_1_1) 1) 0) (= (select |c_old(#valid)| v_idx_25) v_v_4_1) (<= (- |c_#NULL.base| v_b_0_1) 0) (= v_b_1_1 (+ (- |c_#NULL.base|) 1)) (<= (- (- v_b_0_1) (- v_b_1_1)) 1) (<= (- (- v_b_1_1) v_b_1_1) (- 2)) (= (+ (- |c_#NULL.base|) 1) (+ (- v_b_0_1) 1)) (<= (- v_b_0_1 v_b_1_1) (- 1)) (or (= (select |c_#valid| v_idx_28) v_v_12_1) (< v_idx_28 v_b_1_1)) (<= (- |c_#NULL.base| (- |c_#NULL.base|)) 0) (<= (- v_b_0_1 (- v_b_0_1)) 0) (<= (- (- v_b_0_1) v_b_0_1) 0) (<= (- |c_#NULL.base| (- |c_#NULL.offset|)) 0) (not v_v_11_1) (= (- |c_#NULL.base|) 0) (= 1 (+ (- |c_#NULL.base|) 1)) (<= (- (- |c_#NULL.base|) |c_#NULL.offset|) 0) (<= (- (- |c_#NULL.base|) (- v_b_0_1)) 0) (= (- |c_#NULL.offset|) 0) (= 0 |c_#NULL.base|) (= (+ (- |c_#NULL.base|) 1) (+ |c_#NULL.offset| 1)) (<= (- |c_#NULL.base| v_b_1_1) (- 1)) (<= (- (- |c_#NULL.base|) |c_#NULL.base|) 0) (or (<= v_b_0_1 v_idx_26) (= v_v_10_1 (select |c_#valid| v_idx_26))) (<= (- v_b_0_1 (- v_b_1_1)) 1) (= v_v_5_1 (select |c_#memory_int| v_idx_29)) (<= (- (- v_b_0_1) v_b_1_1) (- 1)) (= 0 v_b_0_1) (<= (- (- |c_#NULL.offset|) v_b_1_1) (- 1)) (<= (- |c_#NULL.base| |c_#NULL.offset|) 0) (<= (- |c_#NULL.offset| v_b_1_1) (- 1)) (<= (- v_b_1_1 (- v_b_1_1)) 2) (<= (- |c_#NULL.offset| (- v_b_0_1)) 0) (<= (- |c_#NULL.offset| (- |c_#NULL.offset|)) 0) (= (select |c_ULTIMATE.start_~malloc_old_#length| v_idx_34) v_v_9_1) (<= (- (- |c_#NULL.offset|) (- v_b_0_1)) 0) (<= (- |c_#NULL.base| (- v_b_0_1)) 0) (or (= (select |c_#valid| v_idx_27) v_v_11_1) (< v_idx_27 v_b_0_1) (<= v_b_1_1 v_idx_27)) (<= (- (- |c_#NULL.offset|) v_b_0_1) 0) (= (select |c_#length| v_idx_31) v_v_0_1) (= (select v_v_7_1 v_idx_33) v_v_8_1) (<= (- (- |c_#NULL.base|) (- |c_#NULL.offset|)) 0) (<= (- |c_#NULL.offset| v_b_0_1) 0) (= (select |c_old(#length)| v_idx_32) v_v_1_1) (= |c_#NULL.offset| 0) (= (+ |c_#NULL.base| 1) (+ (- |c_#NULL.base|) 1)) (= (select v_v_5_1 v_idx_24) v_v_6_1) (= (+ (- |c_#NULL.base|) 1) (+ (- |c_#NULL.offset|) 1)) (= (select |c_ULTIMATE.start_~malloc_old_#valid| v_idx_23) v_v_2_1))))} [2019-01-07 16:12:17,970 WARN L228 ngHoareTripleChecker]: Action: havoc main_main;havoc main_#t~malloc0.base, main_#t~malloc0.offset, main_#t~post3.base, main_#t~post3.offset, main_#t~mem1, main_#t~short2, main_~p~1.base, main_~p~1.offset, main_~q~1.base, main_~q~1.offset;~malloc_old_#length, ~malloc_old_#valid := #length, #valid;~malloc_~size := 400;havoc ~malloc_#res.base, ~malloc_#res.offset;havoc #valid, #length;assume ~malloc_old_#valid[~malloc_#res.base] == false;assume #valid == ~malloc_old_#valid[~malloc_#res.base := true];assume ~malloc_#res.offset == 0;assume ~malloc_#res.base != 0;assume #length == ~malloc_old_#length[~malloc_#res.base := ~malloc_~size];main_#t~malloc0.base, main_#t~malloc0.offset := ~malloc_#res.base, ~malloc_#res.offset;main_~p~1.base, main_~p~1.offset := main_#t~malloc0.base, main_#t~malloc0.offset;main_~q~1.base, main_~q~1.offset := main_~p~1.base, main_~p~1.offset; [2019-01-07 16:12:17,970 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (not (select |c_ULTIMATE.start_~malloc_old_#valid_primed| |c_ULTIMATE.start_~malloc_#res.base_primed|)) (= |c_ULTIMATE.start_main_#t~malloc0.base_primed| |c_ULTIMATE.start_~malloc_#res.base_primed|) (= |c_ULTIMATE.start_~malloc_old_#valid_primed| |c_#valid|) (= (store |c_ULTIMATE.start_~malloc_old_#length_primed| |c_ULTIMATE.start_~malloc_#res.base_primed| c_ULTIMATE.start_~malloc_~size_primed) |c_#length_primed|) (= |c_ULTIMATE.start_main_#t~malloc0.offset_primed| |c_ULTIMATE.start_~malloc_#res.offset_primed|) (= |c_ULTIMATE.start_~malloc_#res.offset_primed| 0) (= c_ULTIMATE.start_~malloc_~size_primed 400) (= c_ULTIMATE.start_main_~p~1.offset_primed |c_ULTIMATE.start_main_#t~malloc0.offset_primed|) (= (store |c_ULTIMATE.start_~malloc_old_#valid_primed| |c_ULTIMATE.start_~malloc_#res.base_primed| true) |c_#valid_primed|) (= c_ULTIMATE.start_main_~q~1.base_primed c_ULTIMATE.start_main_~p~1.base_primed) (= c_ULTIMATE.start_main_~p~1.base_primed |c_ULTIMATE.start_main_#t~malloc0.base_primed|) (= |c_ULTIMATE.start_~malloc_old_#length_primed| |c_#length|) (not (= |c_ULTIMATE.start_~malloc_#res.base_primed| 0)) (= c_ULTIMATE.start_main_~q~1.offset_primed c_ULTIMATE.start_main_~p~1.offset_primed)) [2019-01-07 16:12:17,971 WARN L230 ngHoareTripleChecker]: Post: {2147483644#(forall ((v_idx_47 Int) (v_idx_36 Int) (v_idx_48 Int) (v_idx_37 Int) (v_idx_45 Int) (v_idx_46 Int) (v_idx_35 Int) (v_idx_43 Int) (v_idx_44 Int) (v_idx_41 Int) (v_idx_42 Int) (v_idx_40 Int) (v_idx_38 Int) (v_idx_39 Int)) (exists ((v_b_6_1 Int) (v_b_7_1 Int) (v_v_4_1 Bool) (v_v_28_1 Int) (v_v_29_1 Int) (v_v_27_1 Int) (v_v_8_1 Int) (v_b_11_1 Int) (v_v_15_1 Bool) (v_v_0_1 Int) (v_v_7_1 (Array Int Int)) (v_v_23_1 Bool) (v_v_22_1 Bool) (v_v_1_1 Int) (v_v_5_1 (Array Int Int)) (v_v_6_1 Int) (v_b_10_1 Int) (v_v_21_1 Bool)) (and (<= (- (- |c_#NULL.offset|) |c_#NULL.offset|) 0) (<= (- (- c_ULTIMATE.start_main_~p~1.offset) c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- |c_#NULL.base| c_ULTIMATE.start_main_~q~1.offset) 0) (<= (- c_ULTIMATE.start_main_~p~1.offset (- v_v_28_1)) 400) (<= (- |c_#NULL.offset| |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- |c_#NULL.base| (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) c_ULTIMATE.start_main_~q~1.offset) 0) (= (select v_v_5_1 v_idx_36) v_v_6_1) (<= (- (- v_b_10_1) (- v_b_6_1)) 0) (<= (- v_v_28_1 (- v_v_28_1)) 800) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- (- |c_#NULL.base|) c_ULTIMATE.start_main_~q~1.offset) 0) (<= (- v_b_10_1 v_b_7_1) (- 1)) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| (- |c_ULTIMATE.start_main_#t~malloc0.offset|)) 0) (<= (- c_ULTIMATE.start_main_~q~1.offset (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- (- |c_#NULL.offset|) |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- (- v_b_11_1) (- v_b_7_1)) 0) (<= (- c_ULTIMATE.start_~malloc_~size (- v_v_28_1)) 800) (<= (- (- |c_#NULL.base|) c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- (- |c_ULTIMATE.start_~malloc_#res.offset|) |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- |c_#NULL.base| (- |c_#NULL.base|)) 0) (<= (- (- |c_#NULL.offset|) |c_ULTIMATE.start_main_#t~malloc0.offset|) 0) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) c_ULTIMATE.start_main_~p~1.offset) 0) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- c_ULTIMATE.start_main_~p~1.offset c_ULTIMATE.start_main_~q~1.offset) 0) (<= (- |c_#NULL.offset| c_ULTIMATE.start_main_~p~1.offset) 0) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) |c_ULTIMATE.start_main_#t~malloc0.offset|) 0) (<= (- |c_#NULL.base| (- |c_#NULL.offset|)) 0) (<= (- (- v_b_11_1) (- v_b_6_1)) (- 1)) (<= (- |c_#NULL.base| |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- (- c_ULTIMATE.start_main_~q~1.offset) (- c_ULTIMATE.start_~malloc_~size)) 400) (<= (- (- |c_#NULL.base|) (- c_ULTIMATE.start_~malloc_~size)) 400) (<= (- |c_#NULL.base| (- c_ULTIMATE.start_main_~p~1.offset)) 0) (<= (- (- |c_ULTIMATE.start_~malloc_#res.base|) (- v_b_11_1)) 1) (<= (- (- |c_#NULL.base|) |c_#NULL.offset|) 0) (<= (- (- |c_#NULL.base|) c_ULTIMATE.start_main_~p~1.offset) 0) (<= (- |c_ULTIMATE.start_~malloc_#res.offset| (- v_v_28_1)) 400) (<= (- (- |c_#NULL.offset|) (- |c_ULTIMATE.start_main_#t~malloc0.offset|)) 0) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| c_ULTIMATE.start_main_~q~1.offset) 0) (<= (- c_ULTIMATE.start_main_~p~1.offset (- c_ULTIMATE.start_main_~q~1.offset)) 0) (<= (- (- c_ULTIMATE.start_main_~q~1.offset) |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- (- c_ULTIMATE.start_main_~p~1.offset) v_v_28_1) (- 400)) (<= (- |c_#NULL.offset| v_v_28_1) (- 400)) (<= (- |c_ULTIMATE.start_~malloc_#res.offset| c_ULTIMATE.start_~malloc_~size) (- 400)) (= (+ |c_ULTIMATE.start_~malloc_#res.base| 1) (+ v_b_6_1 1)) (<= (- |c_#NULL.offset| (- v_v_28_1)) 400) (<= (- |c_#NULL.offset| (- c_ULTIMATE.start_main_~q~1.offset)) 0) (<= (- c_ULTIMATE.start_main_~p~1.offset c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- c_ULTIMATE.start_main_~q~1.offset (- v_v_28_1)) 400) (<= (- v_b_11_1 v_b_7_1) 0) (= v_v_0_1 (select |c_ULTIMATE.start_~malloc_old_#length| v_idx_48)) (= v_v_4_1 (select |c_old(#valid)| v_idx_37)) (<= (- (- |c_#NULL.offset|) c_ULTIMATE.start_main_~p~1.offset) 0) (<= (- (- c_ULTIMATE.start_main_~p~1.offset) (- v_v_28_1)) 400) (<= (- (- |c_#NULL.base|) (- |c_ULTIMATE.start_main_#t~malloc0.offset|)) 0) (<= (- |c_#NULL.offset| |c_ULTIMATE.start_main_#t~malloc0.offset|) 0) (<= (- |c_#NULL.offset| c_ULTIMATE.start_main_~q~1.offset) 0) (<= (- c_ULTIMATE.start_main_~q~1.offset (- c_ULTIMATE.start_main_~q~1.offset)) 0) (<= (- (- c_ULTIMATE.start_main_~p~1.offset) c_ULTIMATE.start_main_~p~1.offset) 0) (<= (- (- c_ULTIMATE.start_main_~q~1.offset) c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- (- |c_#NULL.base|) |c_ULTIMATE.start_main_#t~malloc0.offset|) 0) (<= (- c_ULTIMATE.start_main_~p~1.offset (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- |c_#NULL.offset| (- |c_ULTIMATE.start_main_#t~malloc0.offset|)) 0) (<= (- (- v_b_10_1) (- v_b_11_1)) 1) (<= (- |c_#NULL.base| (- v_v_28_1)) 400) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| (- v_v_28_1)) 400) (or (< v_idx_46 v_b_11_1) (= (select |c_#length| v_idx_46) v_v_29_1)) (<= (- (- c_ULTIMATE.start_main_~p~1.offset) c_ULTIMATE.start_main_~q~1.offset) 0) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- |c_#NULL.offset| c_ULTIMATE.start_~malloc_~size) (- 400)) (= v_b_11_1 (+ v_b_6_1 1)) (<= (- (- c_ULTIMATE.start_main_~p~1.offset) (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- (- |c_#NULL.offset|) (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- c_ULTIMATE.start_main_~q~1.offset c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- |c_#NULL.base| c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- |c_#NULL.base| |c_ULTIMATE.start_main_#t~malloc0.offset|) 0) (<= (- v_b_10_1 v_b_6_1) 0) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| (- c_ULTIMATE.start_main_~q~1.offset)) 0) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| c_ULTIMATE.start_main_~p~1.offset) 0) (<= (- (- c_ULTIMATE.start_main_~q~1.offset) v_v_28_1) (- 400)) (<= (- c_ULTIMATE.start_~malloc_~size v_v_28_1) 0) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- (- c_ULTIMATE.start_~malloc_~size) c_ULTIMATE.start_~malloc_~size) (- 800)) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| v_v_28_1) (- 400)) (<= (- (- c_ULTIMATE.start_main_~q~1.offset) (- v_v_28_1)) 400) (= v_b_7_1 (+ v_b_6_1 1)) (or (= (select |c_#valid| v_idx_39) v_v_22_1) (<= v_b_7_1 v_idx_39) (< v_idx_39 v_b_6_1)) (<= (- (- |c_#NULL.base|) (- c_ULTIMATE.start_main_~q~1.offset)) 0) (<= (- c_ULTIMATE.start_main_~q~1.offset |c_ULTIMATE.start_~malloc_#res.offset|) 0) (= |c_ULTIMATE.start_~malloc_#res.base| (+ v_b_11_1 (- 1))) (<= (- |c_#NULL.offset| (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- (- |c_#NULL.offset|) (- c_ULTIMATE.start_main_~p~1.offset)) 0) (<= (- (- |c_#NULL.offset|) (- c_ULTIMATE.start_~malloc_~size)) 400) (<= (- |c_#NULL.offset| (- c_ULTIMATE.start_~malloc_~size)) 400) (<= (- c_ULTIMATE.start_main_~q~1.offset v_v_28_1) (- 400)) (<= (- (- |c_#NULL.offset|) c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- |c_ULTIMATE.start_~malloc_#res.offset| (- c_ULTIMATE.start_~malloc_~size)) 400) (<= (- (- |c_#NULL.base|) (- v_v_28_1)) 400) (<= (- (- |c_#NULL.base|) |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- (- |c_ULTIMATE.start_~malloc_#res.base|) (- v_b_7_1)) 1) (<= (- c_ULTIMATE.start_main_~q~1.offset (- c_ULTIMATE.start_~malloc_~size)) 400) (<= (- (- c_ULTIMATE.start_main_~p~1.offset) |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- v_b_11_1 v_b_6_1) 1) (<= (- (- |c_ULTIMATE.start_~malloc_#res.offset|) c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) (- v_v_28_1)) 400) (<= (- c_ULTIMATE.start_main_~p~1.offset |c_ULTIMATE.start_~malloc_#res.offset|) 0) (<= (- (- |c_#NULL.base|) (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- (- c_ULTIMATE.start_main_~q~1.offset) (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- c_ULTIMATE.start_main_~p~1.offset (- c_ULTIMATE.start_~malloc_~size)) 400) (= v_v_8_1 (select v_v_7_1 v_idx_47)) (<= (- (- |c_#NULL.offset|) v_v_28_1) (- 400)) (<= (- c_ULTIMATE.start_main_~p~1.offset v_v_28_1) (- 400)) (<= (- (- |c_#NULL.offset|) (- c_ULTIMATE.start_main_~q~1.offset)) 0) (= |c_ULTIMATE.start_~malloc_#res.base| v_b_6_1) (= |c_ULTIMATE.start_~malloc_#res.base| (+ v_b_7_1 (- 1))) (or (<= v_b_6_1 v_idx_38) (= (select |c_#valid| v_idx_38) v_v_21_1)) (<= (- (- v_v_28_1) v_v_28_1) (- 800)) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| (- c_ULTIMATE.start_~malloc_~size)) 400) (<= (- |c_ULTIMATE.start_~malloc_#res.base| v_b_11_1) (- 1)) (<= (- (- |c_ULTIMATE.start_~malloc_#res.offset|) v_v_28_1) (- 400)) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) (- c_ULTIMATE.start_main_~q~1.offset)) 0) (<= (- |c_#NULL.base| c_ULTIMATE.start_main_~p~1.offset) 0) (<= (- (- |c_#NULL.base|) |c_#NULL.base|) 0) (<= (- (- v_b_6_1) (- v_b_7_1)) 1) (<= (- (- |c_#NULL.offset|) c_ULTIMATE.start_main_~q~1.offset) 0) (= |c_ULTIMATE.start_~malloc_#res.base| v_b_10_1) (<= (- (- |c_ULTIMATE.start_~malloc_#res.offset|) (- c_ULTIMATE.start_~malloc_~size)) 400) (= (select |c_old(#length)| v_idx_43) v_v_1_1) (<= (- (- c_ULTIMATE.start_~malloc_~size) v_v_28_1) (- 800)) (<= (- (- |c_#NULL.offset|) (- v_v_28_1)) 400) (<= (- (- c_ULTIMATE.start_main_~p~1.offset) (- c_ULTIMATE.start_main_~q~1.offset)) 0) (or (<= v_b_10_1 v_idx_44) (= (select |c_#length| v_idx_44) v_v_27_1)) (= (select |c_ULTIMATE.start_~malloc_old_#valid| v_idx_35) v_v_15_1) (<= (- |c_ULTIMATE.start_~malloc_#res.base| v_b_10_1) 0) (<= (- v_b_10_1 v_b_11_1) (- 1)) (<= (- (- v_b_10_1) (- v_b_7_1)) 1) (<= (- |c_#NULL.base| |c_#NULL.offset|) 0) (<= (- c_ULTIMATE.start_main_~p~1.offset (- c_ULTIMATE.start_main_~p~1.offset)) 0) (<= (- (- c_ULTIMATE.start_main_~q~1.offset) c_ULTIMATE.start_main_~q~1.offset) 0) (<= (- |c_#NULL.base| (- c_ULTIMATE.start_~malloc_~size)) 400) (<= (- (- |c_#NULL.base|) v_v_28_1) (- 400)) (<= (- |c_#NULL.base| (- |c_ULTIMATE.start_main_#t~malloc0.offset|)) 0) (<= (- |c_ULTIMATE.start_~malloc_#res.base| v_b_6_1) 0) (<= (- |c_#NULL.offset| (- |c_#NULL.offset|)) 0) (= v_v_5_1 (select |c_#memory_int| v_idx_41)) (<= (- (- |c_ULTIMATE.start_~malloc_#res.base|) (- v_b_6_1)) 0) (<= (- (- c_ULTIMATE.start_~malloc_~size) (- v_v_28_1)) 0) (<= (- |c_ULTIMATE.start_~malloc_#res.base| v_b_7_1) (- 1)) (or (< v_idx_45 v_b_10_1) (<= v_b_11_1 v_idx_45) (= (select |c_#length| v_idx_45) v_v_28_1)) (<= (- v_b_6_1 v_b_7_1) (- 1)) (= (select |c_old(#memory_int)| v_idx_42) v_v_7_1) (<= (- (- |c_#NULL.base|) (- c_ULTIMATE.start_main_~p~1.offset)) 0) (= (+ v_b_10_1 1) (+ v_b_6_1 1)) (or (< v_idx_40 v_b_7_1) (= (select |c_#valid| v_idx_40) v_v_23_1)) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) (- c_ULTIMATE.start_~malloc_~size)) 400) (<= (- c_ULTIMATE.start_~malloc_~size (- c_ULTIMATE.start_~malloc_~size)) 800) (<= (- |c_ULTIMATE.start_main_#t~malloc0.offset| (- c_ULTIMATE.start_main_~p~1.offset)) 0) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) (- c_ULTIMATE.start_main_~p~1.offset)) 0) (<= (- |c_ULTIMATE.start_~malloc_#res.offset| v_v_28_1) (- 400)) (<= (- |c_#NULL.base| v_v_28_1) (- 400)) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) v_v_28_1) (- 400)) (<= (- (- |c_ULTIMATE.start_~malloc_#res.offset|) (- v_v_28_1)) 400) (<= (- |c_ULTIMATE.start_~malloc_#res.offset| (- |c_ULTIMATE.start_~malloc_#res.offset|)) 0) (<= (- |c_#NULL.base| (- c_ULTIMATE.start_main_~q~1.offset)) 0) (<= (- (- |c_ULTIMATE.start_main_#t~malloc0.offset|) c_ULTIMATE.start_~malloc_~size) (- 400)) (<= (- (- |c_#NULL.base|) (- |c_#NULL.offset|)) 0) (<= (- (- c_ULTIMATE.start_main_~p~1.offset) (- c_ULTIMATE.start_~malloc_~size)) 400) v_v_22_1 (<= (- (- |c_ULTIMATE.start_~malloc_#res.base|) (- v_b_10_1)) 0) (<= (- |c_#NULL.offset| (- c_ULTIMATE.start_main_~p~1.offset)) 0))))} [2019-01-07 16:12:17,972 WARN L263 ngHoareTripleChecker]: unsat core / model generation is disabled, enable it to get more details [2019-01-07 16:12:17,973 WARN L268 ngHoareTripleChecker]: -- [2019-01-07 16:12:17,973 WARN L269 ngHoareTripleChecker]: Simplified triple [2019-01-07 16:12:18,688 WARN L270 ngHoareTripleChecker]: Pre: {2147483645#(and (<= (- (- |#NULL.offset|) |#NULL.offset|) 0) (= 0 |#NULL.base|) (= (+ (- |#NULL.base|) 1) (+ |#NULL.offset| 1)) (forall ((v_idx_27 Int)) (or (<= 1 (+ |#NULL.base| v_idx_27)) (not (select |#valid| v_idx_27)) (< v_idx_27 0))) (<= (- (- |#NULL.base|) |#NULL.base|) 0) (<= 0 |#NULL.base|) (<= 0 |#NULL.offset|) (<= (- |#NULL.base| |#NULL.offset|) 0) (<= (* 2 |#NULL.base|) 0) (<= |#NULL.base| |#NULL.offset|) (<= (- |#NULL.offset| (- |#NULL.offset|)) 0) (<= (+ |#NULL.offset| |#NULL.base|) 0) (= |#NULL.base| 0) (<= |#NULL.base| 0) (<= (- |#NULL.base| (- |#NULL.base|)) 0) (<= |#NULL.offset| 0) (<= (- |#NULL.base| (- |#NULL.offset|)) 0) (<= 0 (+ |#NULL.offset| |#NULL.base|)) (= (- |#NULL.base|) 0) (<= (- (- |#NULL.base|) (- |#NULL.offset|)) 0) (= 1 (+ (- |#NULL.base|) 1)) (= |#NULL.offset| 0) (= (+ |#NULL.base| 1) (+ (- |#NULL.base|) 1)) (<= |#NULL.offset| |#NULL.base|) (<= 0 (* 2 |#NULL.base|)) (= (+ (- |#NULL.base|) 1) (+ (- |#NULL.offset|) 1)) (<= (- (- |#NULL.base|) |#NULL.offset|) 0) (= (- |#NULL.offset|) 0))} [2019-01-07 16:12:18,689 WARN L274 ngHoareTripleChecker]: Action: havoc main_main;havoc main_#t~malloc0.base, main_#t~malloc0.offset, main_#t~post3.base, main_#t~post3.offset, main_#t~mem1, main_#t~short2, main_~p~1.base, main_~p~1.offset, main_~q~1.base, main_~q~1.offset;~malloc_old_#length, ~malloc_old_#valid := #length, #valid;~malloc_~size := 400;havoc ~malloc_#res.base, ~malloc_#res.offset;havoc #valid, #length;assume ~malloc_old_#valid[~malloc_#res.base] == false;assume #valid == ~malloc_old_#valid[~malloc_#res.base := true];assume ~malloc_#res.offset == 0;assume ~malloc_#res.base != 0;assume #length == ~malloc_old_#length[~malloc_#res.base := ~malloc_~size];main_#t~malloc0.base, main_#t~malloc0.offset := ~malloc_#res.base, ~malloc_#res.offset;main_~p~1.base, main_~p~1.offset := main_#t~malloc0.base, main_#t~malloc0.offset;main_~q~1.base, main_~q~1.offset := main_~p~1.base, main_~p~1.offset; [2019-01-07 16:12:18,689 WARN L184 hOps$ForEachOp$OfRef]: ActionStr: (and (not (select |c_ULTIMATE.start_~malloc_old_#valid_primed| |c_ULTIMATE.start_~malloc_#res.base_primed|)) (= |c_ULTIMATE.start_main_#t~malloc0.base_primed| |c_ULTIMATE.start_~malloc_#res.base_primed|) (= |c_ULTIMATE.start_~malloc_old_#valid_primed| |c_#valid|) (= (store |c_ULTIMATE.start_~malloc_old_#length_primed| |c_ULTIMATE.start_~malloc_#res.base_primed| c_ULTIMATE.start_~malloc_~size_primed) |c_#length_primed|) (= |c_ULTIMATE.start_main_#t~malloc0.offset_primed| |c_ULTIMATE.start_~malloc_#res.offset_primed|) (= |c_ULTIMATE.start_~malloc_#res.offset_primed| 0) (= c_ULTIMATE.start_~malloc_~size_primed 400) (= c_ULTIMATE.start_main_~p~1.offset_primed |c_ULTIMATE.start_main_#t~malloc0.offset_primed|) (= (store |c_ULTIMATE.start_~malloc_old_#valid_primed| |c_ULTIMATE.start_~malloc_#res.base_primed| true) |c_#valid_primed|) (= c_ULTIMATE.start_main_~q~1.base_primed c_ULTIMATE.start_main_~p~1.base_primed) (= c_ULTIMATE.start_main_~p~1.base_primed |c_ULTIMATE.start_main_#t~malloc0.base_primed|) (= |c_ULTIMATE.start_~malloc_old_#length_primed| |c_#length|) (not (= |c_ULTIMATE.start_~malloc_#res.base_primed| 0)) (= c_ULTIMATE.start_main_~q~1.offset_primed c_ULTIMATE.start_main_~p~1.offset_primed))